In today's technology-dependent world, fraudulent activities are quite rampant and involve many aspects, including data and/or information theft, loss, malicious destruction of data or other forms of data abuse by users of computing systems belonging to organizations, corporations, institutions, and other entities. Many such organizations strive to prevent such activity and employ various fraud prevention and data securitization techniques. However, such conventional techniques are designed to prevent only simple kinds of fraud from occurring and may not be enough on their own. Complex fraud schemes built over time, and typically involving various applications, are often difficult to prevent. Enterprise Resource Planning (“ERP”) systems provide built-in controls to help prevent occurrence of fraud. However, technical complexity and breadth of these systems pose a challenge for auditors when performing fraud detection audits. An extensive understanding of the business, ERP software and its features can be required in order to conduct effective audits. Furthermore, auditors need to understand the customizable aspects of different ERP systems, as well as keep pace with technology improvements. Hence fraud detection is often a labor-intensive task requiring time, effort and resources for both internal and external auditors.
Because audits are typically conducted periodically, fraud can be detected long after it has occurred, causing greater financial loss to the affected organization. Industry estimates put the average fraud detection time at 18 months. This is clearly a long period of time in which to detect fraud and take appropriate remedial measures.
Thus, there is a need for an automated screening of system transactional data to timely detect suspicious user activity or behavior to allow auditors or other reviewers of such data to focus their attention on investigating suspicious activities rather than manually screening audit trails.